I ran into a situation where tnsping and other connections like ssh and such took at least 5 seconds (5000 msec) to establish:
Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = host.domain.local)(PORT = 1521))
(CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = ORCL)))
OK (5010 msec)
Also connecting to ‘host.domain.local’ with ssh took about 5 seconds. At first I thought it had to with sshd and some authentication options which had to timeout first, but than I discovered tnsping also waits 5 seconds. When connecting to the ip address it took 0 msec… aha… a DNS thing?!
After Googling I found it has to do with the way DNS lookups are done and how this is handled at the DNS server. After a change in glibc (2.9 and 2.10) requests are done in parallel for A (ipv4) and AAAA (ipv6) records and that change could be misunderstood by (older) DNS servers and only one reply is returned. A default timeout in the resolver is set to 5 seconds, this is where the 5 seconds wait comes from for the second request that does not return. Of course the timeout can be set lower to 1 second (‘options timeout:1’ in resolv.conf), but for me that not a good solution.
I came across this blog post (CentOS 6 fixes dns slow by add options single-request-reopen to /etc/resolv.conf), which show a fix the ‘5 second delay’ at the resolving client side by adding a different option ‘single-request’ or ‘single-request-reopen’ in resolv.conf:
options single-request # and/or options single-request-reopen search domain.local nameserver 10.0.0.1
For me both single options work, not necessarily both at the same time. I’m using Oracle Linux 7.3, so it’s not only a Linux 6 thing.
It is (probably) also described at RedHat, but you need an active subscription to view the content: (RHEL: DNS resolution can take 5 seconds or longer).
Happy resolving!